4 # Copyright (C) 2006, 2007 Google Inc.
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or
9 # (at your option) any later version.
11 # This program is distributed in the hope that it will be useful, but
12 # WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 # General Public License for more details.
16 # You should have received a copy of the GNU General Public License
17 # along with this program; if not, write to the Free Software
18 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
22 """Ganeti utility module.
24 This module holds functions that can be used in both daemons (all) and
25 the command line scripts.
45 import logging.handlers
55 from cStringIO import StringIO
62 from ganeti import errors
63 from ganeti import constants
64 from ganeti import compat
68 _re_shell_unquoted = re.compile('^[-.,=:/_+@A-Za-z0-9]+$')
72 #: when set to True, L{RunCmd} is disabled
75 _RANDOM_UUID_FILE = "/proc/sys/kernel/random/uuid"
77 HEX_CHAR_RE = r"[a-zA-Z0-9]"
78 VALID_X509_SIGNATURE_SALT = re.compile("^%s+$" % HEX_CHAR_RE, re.S)
79 X509_SIGNATURE = re.compile(r"^%s:\s*(?P<salt>%s+)/(?P<sign>%s+)$" %
80 (re.escape(constants.X509_CERT_SIGNATURE_HEADER),
81 HEX_CHAR_RE, HEX_CHAR_RE),
84 _VALID_SERVICE_NAME_RE = re.compile("^[-_.a-zA-Z0-9]{1,128}$")
86 # Structure definition for getsockopt(SOL_SOCKET, SO_PEERCRED, ...):
87 # struct ucred { pid_t pid; uid_t uid; gid_t gid; };
89 # The GNU C Library defines gid_t and uid_t to be "unsigned int" and
92 # IEEE Std 1003.1-2008:
93 # "nlink_t, uid_t, gid_t, and id_t shall be integer types"
94 # "blksize_t, pid_t, and ssize_t shall be signed integer types"
96 _STRUCT_UCRED_SIZE = struct.calcsize(_STRUCT_UCRED)
98 # Certificate verification results
100 CERT_ERROR) = range(1, 3)
102 # Flags for mlockall() (from bits/mman.h)
107 class RunResult(object):
108 """Holds the result of running external programs.
111 @ivar exit_code: the exit code of the program, or None (if the program
113 @type signal: int or None
114 @ivar signal: the signal that caused the program to finish, or None
115 (if the program wasn't terminated by a signal)
117 @ivar stdout: the standard output of the program
119 @ivar stderr: the standard error of the program
120 @type failed: boolean
121 @ivar failed: True in case the program was
122 terminated by a signal or exited with a non-zero exit code
123 @ivar fail_reason: a string detailing the termination reason
126 __slots__ = ["exit_code", "signal", "stdout", "stderr",
127 "failed", "fail_reason", "cmd"]
130 def __init__(self, exit_code, signal_, stdout, stderr, cmd):
132 self.exit_code = exit_code
133 self.signal = signal_
136 self.failed = (signal_ is not None or exit_code != 0)
138 if self.signal is not None:
139 self.fail_reason = "terminated by signal %s" % self.signal
140 elif self.exit_code is not None:
141 self.fail_reason = "exited with exit code %s" % self.exit_code
143 self.fail_reason = "unable to determine termination reason"
146 logging.debug("Command '%s' failed (%s); output: %s",
147 self.cmd, self.fail_reason, self.output)
149 def _GetOutput(self):
150 """Returns the combined stdout and stderr for easier usage.
153 return self.stdout + self.stderr
155 output = property(_GetOutput, None, None, "Return full output")
158 def _BuildCmdEnvironment(env, reset):
159 """Builds the environment for an external program.
165 cmd_env = os.environ.copy()
166 cmd_env["LC_ALL"] = "C"
174 def RunCmd(cmd, env=None, output=None, cwd="/", reset_env=False):
175 """Execute a (shell) command.
177 The command should not read from its standard input, as it will be
180 @type cmd: string or list
181 @param cmd: Command to run
183 @param env: Additional environment variables
185 @param output: if desired, the output of the command can be
186 saved in a file instead of the RunResult instance; this
187 parameter denotes the file name (if not None)
189 @param cwd: if specified, will be used as the working
190 directory for the command; the default will be /
191 @type reset_env: boolean
192 @param reset_env: whether to reset or keep the default os environment
194 @return: RunResult instance
195 @raise errors.ProgrammerError: if we call this when forks are disabled
199 raise errors.ProgrammerError("utils.RunCmd() called with fork() disabled")
201 if isinstance(cmd, basestring):
205 cmd = [str(val) for val in cmd]
206 strcmd = ShellQuoteArgs(cmd)
210 logging.debug("RunCmd %s, output file '%s'", strcmd, output)
212 logging.debug("RunCmd %s", strcmd)
214 cmd_env = _BuildCmdEnvironment(env, reset_env)
218 out, err, status = _RunCmdPipe(cmd, cmd_env, shell, cwd)
220 status = _RunCmdFile(cmd, cmd_env, shell, output, cwd)
223 if err.errno == errno.ENOENT:
224 raise errors.OpExecError("Can't execute '%s': not found (%s)" %
236 return RunResult(exitcode, signal_, out, err, strcmd)
239 def StartDaemon(cmd, env=None, cwd="/", output=None, output_fd=None,
241 """Start a daemon process after forking twice.
243 @type cmd: string or list
244 @param cmd: Command to run
246 @param env: Additional environment variables
248 @param cwd: Working directory for the program
250 @param output: Path to file in which to save the output
252 @param output_fd: File descriptor for output
253 @type pidfile: string
254 @param pidfile: Process ID file
256 @return: Daemon process ID
257 @raise errors.ProgrammerError: if we call this when forks are disabled
261 raise errors.ProgrammerError("utils.StartDaemon() called with fork()"
264 if output and not (bool(output) ^ (output_fd is not None)):
265 raise errors.ProgrammerError("Only one of 'output' and 'output_fd' can be"
268 if isinstance(cmd, basestring):
269 cmd = ["/bin/sh", "-c", cmd]
271 strcmd = ShellQuoteArgs(cmd)
274 logging.debug("StartDaemon %s, output file '%s'", strcmd, output)
276 logging.debug("StartDaemon %s", strcmd)
278 cmd_env = _BuildCmdEnvironment(env, False)
280 # Create pipe for sending PID back
281 (pidpipe_read, pidpipe_write) = os.pipe()
284 # Create pipe for sending error messages
285 (errpipe_read, errpipe_write) = os.pipe()
292 # Child process, won't return
293 _StartDaemonChild(errpipe_read, errpipe_write,
294 pidpipe_read, pidpipe_write,
296 output, output_fd, pidfile)
298 # Well, maybe child process failed
299 os._exit(1) # pylint: disable-msg=W0212
301 _CloseFDNoErr(errpipe_write)
303 # Wait for daemon to be started (or an error message to arrive) and read
304 # up to 100 KB as an error message
305 errormsg = RetryOnSignal(os.read, errpipe_read, 100 * 1024)
307 _CloseFDNoErr(errpipe_read)
309 _CloseFDNoErr(pidpipe_write)
311 # Read up to 128 bytes for PID
312 pidtext = RetryOnSignal(os.read, pidpipe_read, 128)
314 _CloseFDNoErr(pidpipe_read)
316 # Try to avoid zombies by waiting for child process
323 raise errors.OpExecError("Error when starting daemon process: %r" %
328 except (ValueError, TypeError), err:
329 raise errors.OpExecError("Error while trying to parse PID %r: %s" %
333 def _StartDaemonChild(errpipe_read, errpipe_write,
334 pidpipe_read, pidpipe_write,
336 output, fd_output, pidfile):
337 """Child process for starting daemon.
341 # Close parent's side
342 _CloseFDNoErr(errpipe_read)
343 _CloseFDNoErr(pidpipe_read)
345 # First child process
350 # And fork for the second time
353 # Exit first child process
354 os._exit(0) # pylint: disable-msg=W0212
356 # Make sure pipe is closed on execv* (and thereby notifies original process)
357 SetCloseOnExecFlag(errpipe_write, True)
359 # List of file descriptors to be left open
360 noclose_fds = [errpipe_write]
365 # TODO: Atomic replace with another locked file instead of writing into
367 fd_pidfile = os.open(pidfile, os.O_WRONLY | os.O_CREAT, 0600)
369 # Lock the PID file (and fail if not possible to do so). Any code
370 # wanting to send a signal to the daemon should try to lock the PID
371 # file before reading it. If acquiring the lock succeeds, the daemon is
372 # no longer running and the signal should not be sent.
375 os.write(fd_pidfile, "%d\n" % os.getpid())
376 except Exception, err:
377 raise Exception("Creating and locking PID file failed: %s" % err)
379 # Keeping the file open to hold the lock
380 noclose_fds.append(fd_pidfile)
382 SetCloseOnExecFlag(fd_pidfile, False)
387 fd_devnull = os.open(os.devnull, os.O_RDWR)
389 assert not output or (bool(output) ^ (fd_output is not None))
391 if fd_output is not None:
396 # TODO: Implement flag to set append=yes/no
397 fd_output = os.open(output, os.O_WRONLY | os.O_CREAT, 0600)
398 except EnvironmentError, err:
399 raise Exception("Opening output file failed: %s" % err)
401 fd_output = fd_devnull
403 # Redirect standard I/O
404 os.dup2(fd_devnull, 0)
405 os.dup2(fd_output, 1)
406 os.dup2(fd_output, 2)
408 # Send daemon PID to parent
409 RetryOnSignal(os.write, pidpipe_write, str(os.getpid()))
411 # Close all file descriptors except stdio and error message pipe
412 CloseFDs(noclose_fds=noclose_fds)
414 # Change working directory
418 os.execvp(args[0], args)
420 os.execvpe(args[0], args, env)
421 except: # pylint: disable-msg=W0702
423 # Report errors to original process
424 buf = str(sys.exc_info()[1])
426 RetryOnSignal(os.write, errpipe_write, buf)
427 except: # pylint: disable-msg=W0702
428 # Ignore errors in error handling
431 os._exit(1) # pylint: disable-msg=W0212
434 def _RunCmdPipe(cmd, env, via_shell, cwd):
435 """Run a command and return its output.
437 @type cmd: string or list
438 @param cmd: Command to run
440 @param env: The environment to use
441 @type via_shell: bool
442 @param via_shell: if we should run via the shell
444 @param cwd: the working directory for the program
446 @return: (out, err, status)
449 poller = select.poll()
450 child = subprocess.Popen(cmd, shell=via_shell,
451 stderr=subprocess.PIPE,
452 stdout=subprocess.PIPE,
453 stdin=subprocess.PIPE,
454 close_fds=True, env=env,
458 poller.register(child.stdout, select.POLLIN)
459 poller.register(child.stderr, select.POLLIN)
463 child.stdout.fileno(): (out, child.stdout),
464 child.stderr.fileno(): (err, child.stderr),
467 SetNonblockFlag(fd, True)
470 pollresult = RetryOnSignal(poller.poll)
472 for fd, event in pollresult:
473 if event & select.POLLIN or event & select.POLLPRI:
474 data = fdmap[fd][1].read()
475 # no data from read signifies EOF (the same as POLLHUP)
477 poller.unregister(fd)
480 fdmap[fd][0].write(data)
481 if (event & select.POLLNVAL or event & select.POLLHUP or
482 event & select.POLLERR):
483 poller.unregister(fd)
489 status = child.wait()
490 return out, err, status
493 def _RunCmdFile(cmd, env, via_shell, output, cwd):
494 """Run a command and save its output to a file.
496 @type cmd: string or list
497 @param cmd: Command to run
499 @param env: The environment to use
500 @type via_shell: bool
501 @param via_shell: if we should run via the shell
503 @param output: the filename in which to save the output
505 @param cwd: the working directory for the program
507 @return: the exit status
510 fh = open(output, "a")
512 child = subprocess.Popen(cmd, shell=via_shell,
513 stderr=subprocess.STDOUT,
515 stdin=subprocess.PIPE,
516 close_fds=True, env=env,
520 status = child.wait()
526 def SetCloseOnExecFlag(fd, enable):
527 """Sets or unsets the close-on-exec flag on a file descriptor.
530 @param fd: File descriptor
532 @param enable: Whether to set or unset it.
535 flags = fcntl.fcntl(fd, fcntl.F_GETFD)
538 flags |= fcntl.FD_CLOEXEC
540 flags &= ~fcntl.FD_CLOEXEC
542 fcntl.fcntl(fd, fcntl.F_SETFD, flags)
545 def SetNonblockFlag(fd, enable):
546 """Sets or unsets the O_NONBLOCK flag on on a file descriptor.
549 @param fd: File descriptor
551 @param enable: Whether to set or unset it
554 flags = fcntl.fcntl(fd, fcntl.F_GETFL)
557 flags |= os.O_NONBLOCK
559 flags &= ~os.O_NONBLOCK
561 fcntl.fcntl(fd, fcntl.F_SETFL, flags)
564 def RetryOnSignal(fn, *args, **kwargs):
565 """Calls a function again if it failed due to EINTR.
570 return fn(*args, **kwargs)
571 except EnvironmentError, err:
572 if err.errno != errno.EINTR:
574 except (socket.error, select.error), err:
575 # In python 2.6 and above select.error is an IOError, so it's handled
576 # above, in 2.5 and below it's not, and it's handled here.
577 if not (err.args and err.args[0] == errno.EINTR):
581 def RunParts(dir_name, env=None, reset_env=False):
582 """Run Scripts or programs in a directory
584 @type dir_name: string
585 @param dir_name: absolute path to a directory
587 @param env: The environment to use
588 @type reset_env: boolean
589 @param reset_env: whether to reset or keep the default os environment
590 @rtype: list of tuples
591 @return: list of (name, (one of RUNDIR_STATUS), RunResult)
597 dir_contents = ListVisibleFiles(dir_name)
599 logging.warning("RunParts: skipping %s (cannot list: %s)", dir_name, err)
602 for relname in sorted(dir_contents):
603 fname = PathJoin(dir_name, relname)
604 if not (os.path.isfile(fname) and os.access(fname, os.X_OK) and
605 constants.EXT_PLUGIN_MASK.match(relname) is not None):
606 rr.append((relname, constants.RUNPARTS_SKIP, None))
609 result = RunCmd([fname], env=env, reset_env=reset_env)
610 except Exception, err: # pylint: disable-msg=W0703
611 rr.append((relname, constants.RUNPARTS_ERR, str(err)))
613 rr.append((relname, constants.RUNPARTS_RUN, result))
618 def GetSocketCredentials(sock):
619 """Returns the credentials of the foreign process connected to a socket.
621 @param sock: Unix socket
622 @rtype: tuple; (number, number, number)
623 @return: The PID, UID and GID of the connected foreign process.
626 peercred = sock.getsockopt(socket.SOL_SOCKET, IN.SO_PEERCRED,
628 return struct.unpack(_STRUCT_UCRED, peercred)
631 def RemoveFile(filename):
632 """Remove a file ignoring some errors.
634 Remove a file, ignoring non-existing ones or directories. Other
638 @param filename: the file to be removed
644 if err.errno not in (errno.ENOENT, errno.EISDIR):
648 def RemoveDir(dirname):
649 """Remove an empty directory.
651 Remove a directory, ignoring non-existing ones.
652 Other errors are passed. This includes the case,
653 where the directory is not empty, so it can't be removed.
656 @param dirname: the empty directory to be removed
662 if err.errno != errno.ENOENT:
666 def RenameFile(old, new, mkdir=False, mkdir_mode=0750):
670 @param old: Original path
674 @param mkdir: Whether to create target directory if it doesn't exist
675 @type mkdir_mode: int
676 @param mkdir_mode: Mode for newly created directories
680 return os.rename(old, new)
682 # In at least one use case of this function, the job queue, directory
683 # creation is very rare. Checking for the directory before renaming is not
685 if mkdir and err.errno == errno.ENOENT:
686 # Create directory and try again
687 Makedirs(os.path.dirname(new), mode=mkdir_mode)
689 return os.rename(old, new)
694 def Makedirs(path, mode=0750):
695 """Super-mkdir; create a leaf directory and all intermediate ones.
697 This is a wrapper around C{os.makedirs} adding error handling not implemented
702 os.makedirs(path, mode)
704 # Ignore EEXIST. This is only handled in os.makedirs as included in
705 # Python 2.5 and above.
706 if err.errno != errno.EEXIST or not os.path.exists(path):
710 def ResetTempfileModule():
711 """Resets the random name generator of the tempfile module.
713 This function should be called after C{os.fork} in the child process to
714 ensure it creates a newly seeded random generator. Otherwise it would
715 generate the same random parts as the parent process. If several processes
716 race for the creation of a temporary file, this could lead to one not getting
720 # pylint: disable-msg=W0212
721 if hasattr(tempfile, "_once_lock") and hasattr(tempfile, "_name_sequence"):
722 tempfile._once_lock.acquire()
724 # Reset random name generator
725 tempfile._name_sequence = None
727 tempfile._once_lock.release()
729 logging.critical("The tempfile module misses at least one of the"
730 " '_once_lock' and '_name_sequence' attributes")
733 def _FingerprintFile(filename):
734 """Compute the fingerprint of a file.
736 If the file does not exist, a None will be returned
740 @param filename: the filename to checksum
742 @return: the hex digest of the sha checksum of the contents
746 if not (os.path.exists(filename) and os.path.isfile(filename)):
751 fp = compat.sha1_hash()
759 return fp.hexdigest()
762 def FingerprintFiles(files):
763 """Compute fingerprints for a list of files.
766 @param files: the list of filename to fingerprint
768 @return: a dictionary filename: fingerprint, holding only
774 for filename in files:
775 cksum = _FingerprintFile(filename)
777 ret[filename] = cksum
782 def ForceDictType(target, key_types, allowed_values=None):
783 """Force the values of a dict to have certain types.
786 @param target: the dict to update
787 @type key_types: dict
788 @param key_types: dict mapping target dict keys to types
789 in constants.ENFORCEABLE_TYPES
790 @type allowed_values: list
791 @keyword allowed_values: list of specially allowed values
794 if allowed_values is None:
797 if not isinstance(target, dict):
798 msg = "Expected dictionary, got '%s'" % target
799 raise errors.TypeEnforcementError(msg)
802 if key not in key_types:
803 msg = "Unknown key '%s'" % key
804 raise errors.TypeEnforcementError(msg)
806 if target[key] in allowed_values:
809 ktype = key_types[key]
810 if ktype not in constants.ENFORCEABLE_TYPES:
811 msg = "'%s' has non-enforceable type %s" % (key, ktype)
812 raise errors.ProgrammerError(msg)
814 if ktype == constants.VTYPE_STRING:
815 if not isinstance(target[key], basestring):
816 if isinstance(target[key], bool) and not target[key]:
819 msg = "'%s' (value %s) is not a valid string" % (key, target[key])
820 raise errors.TypeEnforcementError(msg)
821 elif ktype == constants.VTYPE_BOOL:
822 if isinstance(target[key], basestring) and target[key]:
823 if target[key].lower() == constants.VALUE_FALSE:
825 elif target[key].lower() == constants.VALUE_TRUE:
828 msg = "'%s' (value %s) is not a valid boolean" % (key, target[key])
829 raise errors.TypeEnforcementError(msg)
834 elif ktype == constants.VTYPE_SIZE:
836 target[key] = ParseUnit(target[key])
837 except errors.UnitParseError, err:
838 msg = "'%s' (value %s) is not a valid size. error: %s" % \
839 (key, target[key], err)
840 raise errors.TypeEnforcementError(msg)
841 elif ktype == constants.VTYPE_INT:
843 target[key] = int(target[key])
844 except (ValueError, TypeError):
845 msg = "'%s' (value %s) is not a valid integer" % (key, target[key])
846 raise errors.TypeEnforcementError(msg)
849 def _GetProcStatusPath(pid):
850 """Returns the path for a PID's proc status file.
853 @param pid: Process ID
857 return "/proc/%d/status" % pid
860 def IsProcessAlive(pid):
861 """Check if a given pid exists on the system.
863 @note: zombie status is not handled, so zombie processes
864 will be returned as alive
866 @param pid: the process ID to check
868 @return: True if the process exists
875 except EnvironmentError, err:
876 if err.errno in (errno.ENOENT, errno.ENOTDIR):
878 elif err.errno == errno.EINVAL:
879 raise RetryAgain(err)
882 assert isinstance(pid, int), "pid must be an integer"
886 # /proc in a multiprocessor environment can have strange behaviors.
887 # Retry the os.stat a few times until we get a good result.
889 return Retry(_TryStat, (0.01, 1.5, 0.1), 0.5,
890 args=[_GetProcStatusPath(pid)])
891 except RetryTimeout, err:
895 def _ParseSigsetT(sigset):
896 """Parse a rendered sigset_t value.
898 This is the opposite of the Linux kernel's fs/proc/array.c:render_sigset_t
902 @param sigset: Rendered signal set from /proc/$pid/status
904 @return: Set of all enabled signal numbers
910 for ch in reversed(sigset):
913 # The following could be done in a loop, but it's easier to read and
914 # understand in the unrolled form
916 result.add(signum + 1)
918 result.add(signum + 2)
920 result.add(signum + 3)
922 result.add(signum + 4)
929 def _GetProcStatusField(pstatus, field):
930 """Retrieves a field from the contents of a proc status file.
932 @type pstatus: string
933 @param pstatus: Contents of /proc/$pid/status
935 @param field: Name of field whose value should be returned
939 for line in pstatus.splitlines():
940 parts = line.split(":", 1)
942 if len(parts) < 2 or parts[0] != field:
945 return parts[1].strip()
950 def IsProcessHandlingSignal(pid, signum, status_path=None):
951 """Checks whether a process is handling a signal.
954 @param pid: Process ID
956 @param signum: Signal number
960 if status_path is None:
961 status_path = _GetProcStatusPath(pid)
964 proc_status = ReadFile(status_path)
965 except EnvironmentError, err:
966 # In at least one case, reading /proc/$pid/status failed with ESRCH.
967 if err.errno in (errno.ENOENT, errno.ENOTDIR, errno.EINVAL, errno.ESRCH):
971 sigcgt = _GetProcStatusField(proc_status, "SigCgt")
973 raise RuntimeError("%s is missing 'SigCgt' field" % status_path)
975 # Now check whether signal is handled
976 return signum in _ParseSigsetT(sigcgt)
979 def ReadPidFile(pidfile):
980 """Read a pid from a file.
982 @type pidfile: string
983 @param pidfile: path to the file containing the pid
985 @return: The process id, if the file exists and contains a valid PID,
990 raw_data = ReadOneLineFile(pidfile)
991 except EnvironmentError, err:
992 if err.errno != errno.ENOENT:
993 logging.exception("Can't read pid file")
998 except (TypeError, ValueError), err:
999 logging.info("Can't parse pid file contents", exc_info=True)
1005 def ReadLockedPidFile(path):
1006 """Reads a locked PID file.
1008 This can be used together with L{StartDaemon}.
1011 @param path: Path to PID file
1012 @return: PID as integer or, if file was unlocked or couldn't be opened, None
1016 fd = os.open(path, os.O_RDONLY)
1017 except EnvironmentError, err:
1018 if err.errno == errno.ENOENT:
1019 # PID file doesn't exist
1025 # Try to acquire lock
1027 except errors.LockError:
1028 # Couldn't lock, daemon is running
1029 return int(os.read(fd, 100))
1036 def MatchNameComponent(key, name_list, case_sensitive=True):
1037 """Try to match a name against a list.
1039 This function will try to match a name like test1 against a list
1040 like C{['test1.example.com', 'test2.example.com', ...]}. Against
1041 this list, I{'test1'} as well as I{'test1.example'} will match, but
1042 not I{'test1.ex'}. A multiple match will be considered as no match
1043 at all (e.g. I{'test1'} against C{['test1.example.com',
1044 'test1.example.org']}), except when the key fully matches an entry
1045 (e.g. I{'test1'} against C{['test1', 'test1.example.com']}).
1048 @param key: the name to be searched
1049 @type name_list: list
1050 @param name_list: the list of strings against which to search the key
1051 @type case_sensitive: boolean
1052 @param case_sensitive: whether to provide a case-sensitive match
1055 @return: None if there is no match I{or} if there are multiple matches,
1056 otherwise the element from the list which matches
1059 if key in name_list:
1063 if not case_sensitive:
1064 re_flags |= re.IGNORECASE
1066 mo = re.compile("^%s(\..*)?$" % re.escape(key), re_flags)
1069 for name in name_list:
1070 if mo.match(name) is not None:
1071 names_filtered.append(name)
1072 if not case_sensitive and key == name.upper():
1073 string_matches.append(name)
1075 if len(string_matches) == 1:
1076 return string_matches[0]
1077 if len(names_filtered) == 1:
1078 return names_filtered[0]
1083 """Class implementing resolver and hostname functionality
1086 _VALID_NAME_RE = re.compile("^[a-z0-9._-]{1,255}$")
1088 def __init__(self, name=None):
1089 """Initialize the host name object.
1091 If the name argument is not passed, it will use this system's
1096 name = self.SysName()
1099 self.name, self.aliases, self.ipaddrs = self.LookupHostname(name)
1100 self.ip = self.ipaddrs[0]
1102 def ShortName(self):
1103 """Returns the hostname without domain.
1106 return self.name.split('.')[0]
1110 """Return the current system's name.
1112 This is simply a wrapper over C{socket.gethostname()}.
1115 return socket.gethostname()
1118 def LookupHostname(hostname):
1122 @param hostname: hostname to look up
1125 @return: a tuple (name, aliases, ipaddrs) as returned by
1126 C{socket.gethostbyname_ex}
1127 @raise errors.ResolverError: in case of errors in resolving
1131 result = socket.gethostbyname_ex(hostname)
1132 except socket.gaierror, err:
1133 # hostname not found in DNS
1134 raise errors.ResolverError(hostname, err.args[0], err.args[1])
1139 def NormalizeName(cls, hostname):
1140 """Validate and normalize the given hostname.
1142 @attention: the validation is a bit more relaxed than the standards
1143 require; most importantly, we allow underscores in names
1144 @raise errors.OpPrereqError: when the name is not valid
1147 hostname = hostname.lower()
1148 if (not cls._VALID_NAME_RE.match(hostname) or
1149 # double-dots, meaning empty label
1151 # empty initial label
1152 hostname.startswith(".")):
1153 raise errors.OpPrereqError("Invalid hostname '%s'" % hostname,
1155 if hostname.endswith("."):
1156 hostname = hostname.rstrip(".")
1160 def ValidateServiceName(name):
1161 """Validate the given service name.
1163 @type name: number or string
1164 @param name: Service name or port specification
1169 except (ValueError, TypeError):
1170 # Non-numeric service name
1171 valid = _VALID_SERVICE_NAME_RE.match(name)
1173 # Numeric port (protocols other than TCP or UDP might need adjustments
1175 valid = (numport >= 0 and numport < (1 << 16))
1178 raise errors.OpPrereqError("Invalid service name '%s'" % name,
1184 def GetHostInfo(name=None):
1185 """Lookup host name and raise an OpPrereqError for failures"""
1188 return HostInfo(name)
1189 except errors.ResolverError, err:
1190 raise errors.OpPrereqError("The given name (%s) does not resolve: %s" %
1191 (err[0], err[2]), errors.ECODE_RESOLVER)
1194 def ListVolumeGroups():
1195 """List volume groups and their size
1199 Dictionary with keys volume name and values
1200 the size of the volume
1203 command = "vgs --noheadings --units m --nosuffix -o name,size"
1204 result = RunCmd(command)
1209 for line in result.stdout.splitlines():
1211 name, size = line.split()
1212 size = int(float(size))
1213 except (IndexError, ValueError), err:
1214 logging.error("Invalid output from vgs (%s): %s", err, line)
1222 def BridgeExists(bridge):
1223 """Check whether the given bridge exists in the system
1226 @param bridge: the bridge name to check
1228 @return: True if it does
1231 return os.path.isdir("/sys/class/net/%s/bridge" % bridge)
1234 def NiceSort(name_list):
1235 """Sort a list of strings based on digit and non-digit groupings.
1237 Given a list of names C{['a1', 'a10', 'a11', 'a2']} this function
1238 will sort the list in the logical order C{['a1', 'a2', 'a10',
1241 The sort algorithm breaks each name in groups of either only-digits
1242 or no-digits. Only the first eight such groups are considered, and
1243 after that we just use what's left of the string.
1245 @type name_list: list
1246 @param name_list: the names to be sorted
1248 @return: a copy of the name list sorted with our algorithm
1251 _SORTER_BASE = "(\D+|\d+)"
1252 _SORTER_FULL = "^%s%s?%s?%s?%s?%s?%s?%s?.*$" % (_SORTER_BASE, _SORTER_BASE,
1253 _SORTER_BASE, _SORTER_BASE,
1254 _SORTER_BASE, _SORTER_BASE,
1255 _SORTER_BASE, _SORTER_BASE)
1256 _SORTER_RE = re.compile(_SORTER_FULL)
1257 _SORTER_NODIGIT = re.compile("^\D*$")
1259 """Attempts to convert a variable to integer."""
1260 if val is None or _SORTER_NODIGIT.match(val):
1265 to_sort = [([_TryInt(grp) for grp in _SORTER_RE.match(name).groups()], name)
1266 for name in name_list]
1268 return [tup[1] for tup in to_sort]
1271 def TryConvert(fn, val):
1272 """Try to convert a value ignoring errors.
1274 This function tries to apply function I{fn} to I{val}. If no
1275 C{ValueError} or C{TypeError} exceptions are raised, it will return
1276 the result, else it will return the original value. Any other
1277 exceptions are propagated to the caller.
1280 @param fn: function to apply to the value
1281 @param val: the value to be converted
1282 @return: The converted value if the conversion was successful,
1283 otherwise the original value.
1288 except (ValueError, TypeError):
1294 """Verifies the syntax of an IPv4 address.
1296 This function checks if the IPv4 address passes is valid or not based
1297 on syntax (not IP range, class calculations, etc.).
1300 @param ip: the address to be checked
1301 @rtype: a regular expression match object
1302 @return: a regular expression match object, or None if the
1303 address is not valid
1306 unit = "(0|[1-9]\d{0,2})"
1307 #TODO: convert and return only boolean
1308 return re.match("^%s\.%s\.%s\.%s$" % (unit, unit, unit, unit), ip)
1311 def IsValidShellParam(word):
1312 """Verifies is the given word is safe from the shell's p.o.v.
1314 This means that we can pass this to a command via the shell and be
1315 sure that it doesn't alter the command line and is passed as such to
1318 Note that we are overly restrictive here, in order to be on the safe
1322 @param word: the word to check
1324 @return: True if the word is 'safe'
1327 return bool(re.match("^[-a-zA-Z0-9._+/:%@]+$", word))
1330 def BuildShellCmd(template, *args):
1331 """Build a safe shell command line from the given arguments.
1333 This function will check all arguments in the args list so that they
1334 are valid shell parameters (i.e. they don't contain shell
1335 metacharacters). If everything is ok, it will return the result of
1339 @param template: the string holding the template for the
1342 @return: the expanded command line
1346 if not IsValidShellParam(word):
1347 raise errors.ProgrammerError("Shell argument '%s' contains"
1348 " invalid characters" % word)
1349 return template % args
1352 def FormatUnit(value, units):
1353 """Formats an incoming number of MiB with the appropriate unit.
1356 @param value: integer representing the value in MiB (1048576)
1358 @param units: the type of formatting we should do:
1359 - 'h' for automatic scaling
1364 @return: the formatted value (with suffix)
1367 if units not in ('m', 'g', 't', 'h'):
1368 raise errors.ProgrammerError("Invalid unit specified '%s'" % str(units))
1372 if units == 'm' or (units == 'h' and value < 1024):
1375 return "%d%s" % (round(value, 0), suffix)
1377 elif units == 'g' or (units == 'h' and value < (1024 * 1024)):
1380 return "%0.1f%s" % (round(float(value) / 1024, 1), suffix)
1385 return "%0.1f%s" % (round(float(value) / 1024 / 1024, 1), suffix)
1388 def ParseUnit(input_string):
1389 """Tries to extract number and scale from the given string.
1391 Input must be in the format C{NUMBER+ [DOT NUMBER+] SPACE*
1392 [UNIT]}. If no unit is specified, it defaults to MiB. Return value
1393 is always an int in MiB.
1396 m = re.match('^([.\d]+)\s*([a-zA-Z]+)?$', str(input_string))
1398 raise errors.UnitParseError("Invalid format")
1400 value = float(m.groups()[0])
1402 unit = m.groups()[1]
1404 lcunit = unit.lower()
1408 if lcunit in ('m', 'mb', 'mib'):
1409 # Value already in MiB
1412 elif lcunit in ('g', 'gb', 'gib'):
1415 elif lcunit in ('t', 'tb', 'tib'):
1416 value *= 1024 * 1024
1419 raise errors.UnitParseError("Unknown unit: %s" % unit)
1421 # Make sure we round up
1422 if int(value) < value:
1425 # Round up to the next multiple of 4
1428 value += 4 - value % 4
1433 def AddAuthorizedKey(file_name, key):
1434 """Adds an SSH public key to an authorized_keys file.
1436 @type file_name: str
1437 @param file_name: path to authorized_keys file
1439 @param key: string containing key
1442 key_fields = key.split()
1444 f = open(file_name, 'a+')
1448 # Ignore whitespace changes
1449 if line.split() == key_fields:
1451 nl = line.endswith('\n')
1455 f.write(key.rstrip('\r\n'))
1462 def RemoveAuthorizedKey(file_name, key):
1463 """Removes an SSH public key from an authorized_keys file.
1465 @type file_name: str
1466 @param file_name: path to authorized_keys file
1468 @param key: string containing key
1471 key_fields = key.split()
1473 fd, tmpname = tempfile.mkstemp(dir=os.path.dirname(file_name))
1475 out = os.fdopen(fd, 'w')
1477 f = open(file_name, 'r')
1480 # Ignore whitespace changes while comparing lines
1481 if line.split() != key_fields:
1485 os.rename(tmpname, file_name)
1495 def SetEtcHostsEntry(file_name, ip, hostname, aliases):
1496 """Sets the name of an IP address and hostname in /etc/hosts.
1498 @type file_name: str
1499 @param file_name: path to the file to modify (usually C{/etc/hosts})
1501 @param ip: the IP address
1503 @param hostname: the hostname to be added
1505 @param aliases: the list of aliases to add for the hostname
1508 # FIXME: use WriteFile + fn rather than duplicating its efforts
1509 # Ensure aliases are unique
1510 aliases = UniqueSequence([hostname] + aliases)[1:]
1512 fd, tmpname = tempfile.mkstemp(dir=os.path.dirname(file_name))
1514 out = os.fdopen(fd, 'w')
1516 f = open(file_name, 'r')
1519 fields = line.split()
1520 if fields and not fields[0].startswith('#') and ip == fields[0]:
1524 out.write("%s\t%s" % (ip, hostname))
1526 out.write(" %s" % ' '.join(aliases))
1531 os.chmod(tmpname, 0644)
1532 os.rename(tmpname, file_name)
1542 def AddHostToEtcHosts(hostname):
1543 """Wrapper around SetEtcHostsEntry.
1546 @param hostname: a hostname that will be resolved and added to
1547 L{constants.ETC_HOSTS}
1550 hi = HostInfo(name=hostname)
1551 SetEtcHostsEntry(constants.ETC_HOSTS, hi.ip, hi.name, [hi.ShortName()])
1554 def RemoveEtcHostsEntry(file_name, hostname):
1555 """Removes a hostname from /etc/hosts.
1557 IP addresses without names are removed from the file.
1559 @type file_name: str
1560 @param file_name: path to the file to modify (usually C{/etc/hosts})
1562 @param hostname: the hostname to be removed
1565 # FIXME: use WriteFile + fn rather than duplicating its efforts
1566 fd, tmpname = tempfile.mkstemp(dir=os.path.dirname(file_name))
1568 out = os.fdopen(fd, 'w')
1570 f = open(file_name, 'r')
1573 fields = line.split()
1574 if len(fields) > 1 and not fields[0].startswith('#'):
1576 if hostname in names:
1577 while hostname in names:
1578 names.remove(hostname)
1580 out.write("%s %s\n" % (fields[0], ' '.join(names)))
1587 os.chmod(tmpname, 0644)
1588 os.rename(tmpname, file_name)
1598 def RemoveHostFromEtcHosts(hostname):
1599 """Wrapper around RemoveEtcHostsEntry.
1602 @param hostname: hostname that will be resolved and its
1603 full and shot name will be removed from
1604 L{constants.ETC_HOSTS}
1607 hi = HostInfo(name=hostname)
1608 RemoveEtcHostsEntry(constants.ETC_HOSTS, hi.name)
1609 RemoveEtcHostsEntry(constants.ETC_HOSTS, hi.ShortName())
1612 def TimestampForFilename():
1613 """Returns the current time formatted for filenames.
1615 The format doesn't contain colons as some shells and applications them as
1619 return time.strftime("%Y-%m-%d_%H_%M_%S")
1622 def CreateBackup(file_name):
1623 """Creates a backup of a file.
1625 @type file_name: str
1626 @param file_name: file to be backed up
1628 @return: the path to the newly created backup
1629 @raise errors.ProgrammerError: for invalid file names
1632 if not os.path.isfile(file_name):
1633 raise errors.ProgrammerError("Can't make a backup of a non-file '%s'" %
1636 prefix = ("%s.backup-%s." %
1637 (os.path.basename(file_name), TimestampForFilename()))
1638 dir_name = os.path.dirname(file_name)
1640 fsrc = open(file_name, 'rb')
1642 (fd, backup_name) = tempfile.mkstemp(prefix=prefix, dir=dir_name)
1643 fdst = os.fdopen(fd, 'wb')
1645 logging.debug("Backing up %s at %s", file_name, backup_name)
1646 shutil.copyfileobj(fsrc, fdst)
1655 def ShellQuote(value):
1656 """Quotes shell argument according to POSIX.
1659 @param value: the argument to be quoted
1661 @return: the quoted value
1664 if _re_shell_unquoted.match(value):
1667 return "'%s'" % value.replace("'", "'\\''")
1670 def ShellQuoteArgs(args):
1671 """Quotes a list of shell arguments.
1674 @param args: list of arguments to be quoted
1676 @return: the quoted arguments concatenated with spaces
1679 return ' '.join([ShellQuote(i) for i in args])
1682 def TcpPing(target, port, timeout=10, live_port_needed=False, source=None):
1683 """Simple ping implementation using TCP connect(2).
1685 Check if the given IP is reachable by doing attempting a TCP connect
1689 @param target: the IP or hostname to ping
1691 @param port: the port to connect to
1693 @param timeout: the timeout on the connection attempt
1694 @type live_port_needed: boolean
1695 @param live_port_needed: whether a closed port will cause the
1696 function to return failure, as if there was a timeout
1697 @type source: str or None
1698 @param source: if specified, will cause the connect to be made
1699 from this specific source address; failures to bind other
1700 than C{EADDRNOTAVAIL} will be ignored
1703 sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
1707 if source is not None:
1709 sock.bind((source, 0))
1710 except socket.error, (errcode, _):
1711 if errcode == errno.EADDRNOTAVAIL:
1714 sock.settimeout(timeout)
1717 sock.connect((target, port))
1720 except socket.timeout:
1722 except socket.error, (errcode, _):
1723 success = (not live_port_needed) and (errcode == errno.ECONNREFUSED)
1728 def OwnIpAddress(address):
1729 """Check if the current host has the the given IP address.
1731 Currently this is done by TCP-pinging the address from the loopback
1734 @type address: string
1735 @param address: the address to check
1737 @return: True if we own the address
1740 return TcpPing(address, constants.DEFAULT_NODED_PORT,
1741 source=constants.LOCALHOST_IP_ADDRESS)
1744 def ListVisibleFiles(path):
1745 """Returns a list of visible files in a directory.
1748 @param path: the directory to enumerate
1750 @return: the list of all files not starting with a dot
1751 @raise ProgrammerError: if L{path} is not an absolue and normalized path
1754 if not IsNormAbsPath(path):
1755 raise errors.ProgrammerError("Path passed to ListVisibleFiles is not"
1756 " absolute/normalized: '%s'" % path)
1757 files = [i for i in os.listdir(path) if not i.startswith(".")]
1761 def GetHomeDir(user, default=None):
1762 """Try to get the homedir of the given user.
1764 The user can be passed either as a string (denoting the name) or as
1765 an integer (denoting the user id). If the user is not found, the
1766 'default' argument is returned, which defaults to None.
1770 if isinstance(user, basestring):
1771 result = pwd.getpwnam(user)
1772 elif isinstance(user, (int, long)):
1773 result = pwd.getpwuid(user)
1775 raise errors.ProgrammerError("Invalid type passed to GetHomeDir (%s)" %
1779 return result.pw_dir
1783 """Returns a random UUID.
1785 @note: This is a Linux-specific method as it uses the /proc
1790 return ReadFile(_RANDOM_UUID_FILE, size=128).rstrip("\n")
1793 def GenerateSecret(numbytes=20):
1794 """Generates a random secret.
1796 This will generate a pseudo-random secret returning an hex string
1797 (so that it can be used where an ASCII string is needed).
1799 @param numbytes: the number of bytes which will be represented by the returned
1800 string (defaulting to 20, the length of a SHA1 hash)
1802 @return: an hex representation of the pseudo-random sequence
1805 return os.urandom(numbytes).encode('hex')
1808 def EnsureDirs(dirs):
1809 """Make required directories, if they don't exist.
1811 @param dirs: list of tuples (dir_name, dir_mode)
1812 @type dirs: list of (string, integer)
1815 for dir_name, dir_mode in dirs:
1817 os.mkdir(dir_name, dir_mode)
1818 except EnvironmentError, err:
1819 if err.errno != errno.EEXIST:
1820 raise errors.GenericError("Cannot create needed directory"
1821 " '%s': %s" % (dir_name, err))
1823 os.chmod(dir_name, dir_mode)
1824 except EnvironmentError, err:
1825 raise errors.GenericError("Cannot change directory permissions on"
1826 " '%s': %s" % (dir_name, err))
1827 if not os.path.isdir(dir_name):
1828 raise errors.GenericError("%s is not a directory" % dir_name)
1831 def ReadFile(file_name, size=-1):
1835 @param size: Read at most size bytes (if negative, entire file)
1837 @return: the (possibly partial) content of the file
1840 f = open(file_name, "r")
1847 def WriteFile(file_name, fn=None, data=None,
1848 mode=None, uid=-1, gid=-1,
1849 atime=None, mtime=None, close=True,
1850 dry_run=False, backup=False,
1851 prewrite=None, postwrite=None):
1852 """(Over)write a file atomically.
1854 The file_name and either fn (a function taking one argument, the
1855 file descriptor, and which should write the data to it) or data (the
1856 contents of the file) must be passed. The other arguments are
1857 optional and allow setting the file mode, owner and group, and the
1858 mtime/atime of the file.
1860 If the function doesn't raise an exception, it has succeeded and the
1861 target file has the new contents. If the function has raised an
1862 exception, an existing target file should be unmodified and the
1863 temporary file should be removed.
1865 @type file_name: str
1866 @param file_name: the target filename
1868 @param fn: content writing function, called with
1869 file descriptor as parameter
1871 @param data: contents of the file
1873 @param mode: file mode
1875 @param uid: the owner of the file
1877 @param gid: the group of the file
1879 @param atime: a custom access time to be set on the file
1881 @param mtime: a custom modification time to be set on the file
1882 @type close: boolean
1883 @param close: whether to close file after writing it
1884 @type prewrite: callable
1885 @param prewrite: function to be called before writing content
1886 @type postwrite: callable
1887 @param postwrite: function to be called after writing content
1890 @return: None if the 'close' parameter evaluates to True,
1891 otherwise the file descriptor
1893 @raise errors.ProgrammerError: if any of the arguments are not valid
1896 if not os.path.isabs(file_name):
1897 raise errors.ProgrammerError("Path passed to WriteFile is not"
1898 " absolute: '%s'" % file_name)
1900 if [fn, data].count(None) != 1:
1901 raise errors.ProgrammerError("fn or data required")
1903 if [atime, mtime].count(None) == 1:
1904 raise errors.ProgrammerError("Both atime and mtime must be either"
1907 if backup and not dry_run and os.path.isfile(file_name):
1908 CreateBackup(file_name)
1910 dir_name, base_name = os.path.split(file_name)
1911 fd, new_name = tempfile.mkstemp('.new', base_name, dir_name)
1913 # here we need to make sure we remove the temp file, if any error
1914 # leaves it in place
1916 if uid != -1 or gid != -1:
1917 os.chown(new_name, uid, gid)
1919 os.chmod(new_name, mode)
1920 if callable(prewrite):
1922 if data is not None:
1926 if callable(postwrite):
1929 if atime is not None and mtime is not None:
1930 os.utime(new_name, (atime, mtime))
1932 os.rename(new_name, file_name)
1941 RemoveFile(new_name)
1946 def ReadOneLineFile(file_name, strict=False):
1947 """Return the first non-empty line from a file.
1949 @type strict: boolean
1950 @param strict: if True, abort if the file has more than one
1954 file_lines = ReadFile(file_name).splitlines()
1955 full_lines = filter(bool, file_lines)
1956 if not file_lines or not full_lines:
1957 raise errors.GenericError("No data in one-liner file %s" % file_name)
1958 elif strict and len(full_lines) > 1:
1959 raise errors.GenericError("Too many lines in one-liner file %s" %
1961 return full_lines[0]
1964 def FirstFree(seq, base=0):
1965 """Returns the first non-existing integer from seq.
1967 The seq argument should be a sorted list of positive integers. The
1968 first time the index of an element is smaller than the element
1969 value, the index will be returned.
1971 The base argument is used to start at a different offset,
1972 i.e. C{[3, 4, 6]} with I{offset=3} will return 5.
1974 Example: C{[0, 1, 3]} will return I{2}.
1977 @param seq: the sequence to be analyzed.
1979 @param base: use this value as the base index of the sequence
1981 @return: the first non-used index in the sequence
1984 for idx, elem in enumerate(seq):
1985 assert elem >= base, "Passed element is higher than base offset"
1986 if elem > idx + base:
1992 def SingleWaitForFdCondition(fdobj, event, timeout):
1993 """Waits for a condition to occur on the socket.
1995 Immediately returns at the first interruption.
1997 @type fdobj: integer or object supporting a fileno() method
1998 @param fdobj: entity to wait for events on
1999 @type event: integer
2000 @param event: ORed condition (see select module)
2001 @type timeout: float or None
2002 @param timeout: Timeout in seconds
2004 @return: None for timeout, otherwise occured conditions
2007 check = (event | select.POLLPRI |
2008 select.POLLNVAL | select.POLLHUP | select.POLLERR)
2010 if timeout is not None:
2011 # Poller object expects milliseconds
2014 poller = select.poll()
2015 poller.register(fdobj, event)
2017 # TODO: If the main thread receives a signal and we have no timeout, we
2018 # could wait forever. This should check a global "quit" flag or something
2020 io_events = poller.poll(timeout)
2021 except select.error, err:
2022 if err[0] != errno.EINTR:
2025 if io_events and io_events[0][1] & check:
2026 return io_events[0][1]
2031 class FdConditionWaiterHelper(object):
2032 """Retry helper for WaitForFdCondition.
2034 This class contains the retried and wait functions that make sure
2035 WaitForFdCondition can continue waiting until the timeout is actually
2040 def __init__(self, timeout):
2041 self.timeout = timeout
2043 def Poll(self, fdobj, event):
2044 result = SingleWaitForFdCondition(fdobj, event, self.timeout)
2050 def UpdateTimeout(self, timeout):
2051 self.timeout = timeout
2054 def WaitForFdCondition(fdobj, event, timeout):
2055 """Waits for a condition to occur on the socket.
2057 Retries until the timeout is expired, even if interrupted.
2059 @type fdobj: integer or object supporting a fileno() method
2060 @param fdobj: entity to wait for events on
2061 @type event: integer
2062 @param event: ORed condition (see select module)
2063 @type timeout: float or None
2064 @param timeout: Timeout in seconds
2066 @return: None for timeout, otherwise occured conditions
2069 if timeout is not None:
2070 retrywaiter = FdConditionWaiterHelper(timeout)
2072 result = Retry(retrywaiter.Poll, RETRY_REMAINING_TIME, timeout,
2073 args=(fdobj, event), wait_fn=retrywaiter.UpdateTimeout)
2074 except RetryTimeout:
2078 while result is None:
2079 result = SingleWaitForFdCondition(fdobj, event, timeout)
2083 def UniqueSequence(seq):
2084 """Returns a list with unique elements.
2086 Element order is preserved.
2089 @param seq: the sequence with the source elements
2091 @return: list of unique elements from seq
2095 return [i for i in seq if i not in seen and not seen.add(i)]
2098 def NormalizeAndValidateMac(mac):
2099 """Normalizes and check if a MAC address is valid.
2101 Checks whether the supplied MAC address is formally correct, only
2102 accepts colon separated format. Normalize it to all lower.
2105 @param mac: the MAC to be validated
2107 @return: returns the normalized and validated MAC.
2109 @raise errors.OpPrereqError: If the MAC isn't valid
2112 mac_check = re.compile("^([0-9a-f]{2}(:|$)){6}$", re.I)
2113 if not mac_check.match(mac):
2114 raise errors.OpPrereqError("Invalid MAC address specified: %s" %
2115 mac, errors.ECODE_INVAL)
2120 def TestDelay(duration):
2121 """Sleep for a fixed amount of time.
2123 @type duration: float
2124 @param duration: the sleep duration
2126 @return: False for negative value, True otherwise
2130 return False, "Invalid sleep duration"
2131 time.sleep(duration)
2135 def _CloseFDNoErr(fd, retries=5):
2136 """Close a file descriptor ignoring errors.
2139 @param fd: the file descriptor
2141 @param retries: how many retries to make, in case we get any
2142 other error than EBADF
2147 except OSError, err:
2148 if err.errno != errno.EBADF:
2150 _CloseFDNoErr(fd, retries - 1)
2151 # else either it's closed already or we're out of retries, so we
2152 # ignore this and go on
2155 def CloseFDs(noclose_fds=None):
2156 """Close file descriptors.
2158 This closes all file descriptors above 2 (i.e. except
2161 @type noclose_fds: list or None
2162 @param noclose_fds: if given, it denotes a list of file descriptor
2163 that should not be closed
2166 # Default maximum for the number of available file descriptors.
2167 if 'SC_OPEN_MAX' in os.sysconf_names:
2169 MAXFD = os.sysconf('SC_OPEN_MAX')
2176 maxfd = resource.getrlimit(resource.RLIMIT_NOFILE)[1]
2177 if (maxfd == resource.RLIM_INFINITY):
2180 # Iterate through and close all file descriptors (except the standard ones)
2181 for fd in range(3, maxfd):
2182 if noclose_fds and fd in noclose_fds:
2188 """Lock current process' virtual address space into RAM.
2190 This is equivalent to the C call mlockall(MCL_CURRENT|MCL_FUTURE),
2191 see mlock(2) for more details. This function requires ctypes module.
2195 logging.warning("Cannot set memory lock, ctypes module not found")
2198 libc = ctypes.cdll.LoadLibrary("libc.so.6")
2200 logging.error("Cannot set memory lock, ctypes cannot load libc")
2203 # Some older version of the ctypes module don't have built-in functionality
2204 # to access the errno global variable, where function error codes are stored.
2205 # By declaring this variable as a pointer to an integer we can then access
2206 # its value correctly, should the mlockall call fail, in order to see what
2207 # the actual error code was.
2208 # pylint: disable-msg=W0212
2209 libc.__errno_location.restype = ctypes.POINTER(ctypes.c_int)
2211 if libc.mlockall(_MCL_CURRENT | _MCL_FUTURE):
2212 # pylint: disable-msg=W0212
2213 logging.error("Cannot set memory lock: %s",
2214 os.strerror(libc.__errno_location().contents.value))
2217 logging.debug("Memory lock set")
2220 def Daemonize(logfile, run_uid, run_gid):
2221 """Daemonize the current process.
2223 This detaches the current process from the controlling terminal and
2224 runs it in the background as a daemon.
2227 @param logfile: the logfile to which we should redirect stdout/stderr
2229 @param run_uid: Run the child under this uid
2231 @param run_gid: Run the child under this gid
2233 @return: the value zero
2236 # pylint: disable-msg=W0212
2237 # yes, we really want os._exit
2243 if (pid == 0): # The first child.
2245 # FIXME: When removing again and moving to start-stop-daemon privilege drop
2246 # make sure to check for config permission and bail out when invoked
2251 pid = os.fork() # Fork a second child.
2252 if (pid == 0): # The second child.
2256 # exit() or _exit()? See below.
2257 os._exit(0) # Exit parent (the first child) of the second child.
2259 os._exit(0) # Exit parent of the first child.
2263 i = os.open("/dev/null", os.O_RDONLY) # stdin
2264 assert i == 0, "Can't close/reopen stdin"
2265 i = os.open(logfile, os.O_WRONLY|os.O_CREAT|os.O_APPEND, 0600) # stdout
2266 assert i == 1, "Can't close/reopen stdout"
2267 # Duplicate standard output to standard error.
2272 def DaemonPidFileName(name):
2273 """Compute a ganeti pid file absolute path
2276 @param name: the daemon name
2278 @return: the full path to the pidfile corresponding to the given
2282 return PathJoin(constants.RUN_GANETI_DIR, "%s.pid" % name)
2285 def EnsureDaemon(name):
2286 """Check for and start daemon if not alive.
2289 result = RunCmd([constants.DAEMON_UTIL, "check-and-start", name])
2291 logging.error("Can't start daemon '%s', failure %s, output: %s",
2292 name, result.fail_reason, result.output)
2298 def StopDaemon(name):
2302 result = RunCmd([constants.DAEMON_UTIL, "stop", name])
2304 logging.error("Can't stop daemon '%s', failure %s, output: %s",
2305 name, result.fail_reason, result.output)
2311 def WritePidFile(name):
2312 """Write the current process pidfile.
2314 The file will be written to L{constants.RUN_GANETI_DIR}I{/name.pid}
2317 @param name: the daemon name to use
2318 @raise errors.GenericError: if the pid file already exists and
2319 points to a live process
2323 pidfilename = DaemonPidFileName(name)
2324 if IsProcessAlive(ReadPidFile(pidfilename)):
2325 raise errors.GenericError("%s contains a live process" % pidfilename)
2327 WriteFile(pidfilename, data="%d\n" % pid)
2330 def RemovePidFile(name):
2331 """Remove the current process pidfile.
2333 Any errors are ignored.
2336 @param name: the daemon name used to derive the pidfile name
2339 pidfilename = DaemonPidFileName(name)
2340 # TODO: we could check here that the file contains our pid
2342 RemoveFile(pidfilename)
2343 except: # pylint: disable-msg=W0702
2347 def KillProcess(pid, signal_=signal.SIGTERM, timeout=30,
2349 """Kill a process given by its pid.
2352 @param pid: The PID to terminate.
2354 @param signal_: The signal to send, by default SIGTERM
2356 @param timeout: The timeout after which, if the process is still alive,
2357 a SIGKILL will be sent. If not positive, no such checking
2359 @type waitpid: boolean
2360 @param waitpid: If true, we should waitpid on this process after
2361 sending signals, since it's our own child and otherwise it
2362 would remain as zombie
2365 def _helper(pid, signal_, wait):
2366 """Simple helper to encapsulate the kill/waitpid sequence"""
2367 if IgnoreProcessNotFound(os.kill, pid, signal_) and wait:
2369 os.waitpid(pid, os.WNOHANG)
2374 # kill with pid=0 == suicide
2375 raise errors.ProgrammerError("Invalid pid given '%s'" % pid)
2377 if not IsProcessAlive(pid):
2380 _helper(pid, signal_, waitpid)
2385 def _CheckProcess():
2386 if not IsProcessAlive(pid):
2390 (result_pid, _) = os.waitpid(pid, os.WNOHANG)
2400 # Wait up to $timeout seconds
2401 Retry(_CheckProcess, (0.01, 1.5, 0.1), timeout)
2402 except RetryTimeout:
2405 if IsProcessAlive(pid):
2406 # Kill process if it's still alive
2407 _helper(pid, signal.SIGKILL, waitpid)
2410 def FindFile(name, search_path, test=os.path.exists):
2411 """Look for a filesystem object in a given path.
2413 This is an abstract method to search for filesystem object (files,
2414 dirs) under a given search path.
2417 @param name: the name to look for
2418 @type search_path: str
2419 @param search_path: location to start at
2420 @type test: callable
2421 @param test: a function taking one argument that should return True
2422 if the a given object is valid; the default value is
2423 os.path.exists, causing only existing files to be returned
2425 @return: full path to the object if found, None otherwise
2428 # validate the filename mask
2429 if constants.EXT_PLUGIN_MASK.match(name) is None:
2430 logging.critical("Invalid value passed for external script name: '%s'",
2434 for dir_name in search_path:
2435 # FIXME: investigate switch to PathJoin
2436 item_name = os.path.sep.join([dir_name, name])
2437 # check the user test and that we're indeed resolving to the given
2439 if test(item_name) and os.path.basename(item_name) == name:
2444 def CheckVolumeGroupSize(vglist, vgname, minsize):
2445 """Checks if the volume group list is valid.
2447 The function will check if a given volume group is in the list of
2448 volume groups and has a minimum size.
2451 @param vglist: dictionary of volume group names and their size
2453 @param vgname: the volume group we should check
2455 @param minsize: the minimum size we accept
2457 @return: None for success, otherwise the error message
2460 vgsize = vglist.get(vgname, None)
2462 return "volume group '%s' missing" % vgname
2463 elif vgsize < minsize:
2464 return ("volume group '%s' too small (%s MiB required, %d MiB found)" %
2465 (vgname, minsize, vgsize))
2469 def SplitTime(value):
2470 """Splits time as floating point number into a tuple.
2472 @param value: Time in seconds
2473 @type value: int or float
2474 @return: Tuple containing (seconds, microseconds)
2477 (seconds, microseconds) = divmod(int(value * 1000000), 1000000)
2479 assert 0 <= seconds, \
2480 "Seconds must be larger than or equal to 0, but are %s" % seconds
2481 assert 0 <= microseconds <= 999999, \
2482 "Microseconds must be 0-999999, but are %s" % microseconds
2484 return (int(seconds), int(microseconds))
2487 def MergeTime(timetuple):
2488 """Merges a tuple into time as a floating point number.
2490 @param timetuple: Time as tuple, (seconds, microseconds)
2491 @type timetuple: tuple
2492 @return: Time as a floating point number expressed in seconds
2495 (seconds, microseconds) = timetuple
2497 assert 0 <= seconds, \
2498 "Seconds must be larger than or equal to 0, but are %s" % seconds
2499 assert 0 <= microseconds <= 999999, \
2500 "Microseconds must be 0-999999, but are %s" % microseconds
2502 return float(seconds) + (float(microseconds) * 0.000001)
2505 def GetDaemonPort(daemon_name):
2506 """Get the daemon port for this cluster.
2508 Note that this routine does not read a ganeti-specific file, but
2509 instead uses C{socket.getservbyname} to allow pre-customization of
2510 this parameter outside of Ganeti.
2512 @type daemon_name: string
2513 @param daemon_name: daemon name (in constants.DAEMONS_PORTS)
2517 if daemon_name not in constants.DAEMONS_PORTS:
2518 raise errors.ProgrammerError("Unknown daemon: %s" % daemon_name)
2520 (proto, default_port) = constants.DAEMONS_PORTS[daemon_name]
2522 port = socket.getservbyname(daemon_name, proto)
2523 except socket.error:
2529 class LogFileHandler(logging.FileHandler):
2530 """Log handler that doesn't fallback to stderr.
2532 When an error occurs while writing on the logfile, logging.FileHandler tries
2533 to log on stderr. This doesn't work in ganeti since stderr is redirected to
2534 the logfile. This class avoids failures reporting errors to /dev/console.
2537 def __init__(self, filename, mode="a", encoding=None):
2538 """Open the specified file and use it as the stream for logging.
2540 Also open /dev/console to report errors while logging.
2543 logging.FileHandler.__init__(self, filename, mode, encoding)
2544 self.console = open(constants.DEV_CONSOLE, "a")
2546 def handleError(self, record): # pylint: disable-msg=C0103
2547 """Handle errors which occur during an emit() call.
2549 Try to handle errors with FileHandler method, if it fails write to
2554 logging.FileHandler.handleError(self, record)
2555 except Exception: # pylint: disable-msg=W0703
2557 self.console.write("Cannot log message:\n%s\n" % self.format(record))
2558 except Exception: # pylint: disable-msg=W0703
2559 # Log handler tried everything it could, now just give up
2563 def SetupLogging(logfile, debug=0, stderr_logging=False, program="",
2564 multithreaded=False, syslog=constants.SYSLOG_USAGE,
2565 console_logging=False):
2566 """Configures the logging module.
2569 @param logfile: the filename to which we should log
2570 @type debug: integer
2571 @param debug: if greater than zero, enable debug messages, otherwise
2572 only those at C{INFO} and above level
2573 @type stderr_logging: boolean
2574 @param stderr_logging: whether we should also log to the standard error
2576 @param program: the name under which we should log messages
2577 @type multithreaded: boolean
2578 @param multithreaded: if True, will add the thread name to the log file
2579 @type syslog: string
2580 @param syslog: one of 'no', 'yes', 'only':
2581 - if no, syslog is not used
2582 - if yes, syslog is used (in addition to file-logging)
2583 - if only, only syslog is used
2584 @type console_logging: boolean
2585 @param console_logging: if True, will use a FileHandler which falls back to
2586 the system console if logging fails
2587 @raise EnvironmentError: if we can't open the log file and
2588 syslog/stderr logging is disabled
2591 fmt = "%(asctime)s: " + program + " pid=%(process)d"
2592 sft = program + "[%(process)d]:"
2594 fmt += "/%(threadName)s"
2595 sft += " (%(threadName)s)"
2597 fmt += " %(module)s:%(lineno)s"
2598 # no debug info for syslog loggers
2599 fmt += " %(levelname)s %(message)s"
2600 # yes, we do want the textual level, as remote syslog will probably
2601 # lose the error level, and it's easier to grep for it
2602 sft += " %(levelname)s %(message)s"
2603 formatter = logging.Formatter(fmt)
2604 sys_fmt = logging.Formatter(sft)
2606 root_logger = logging.getLogger("")
2607 root_logger.setLevel(logging.NOTSET)
2609 # Remove all previously setup handlers
2610 for handler in root_logger.handlers:
2612 root_logger.removeHandler(handler)
2615 stderr_handler = logging.StreamHandler()
2616 stderr_handler.setFormatter(formatter)
2618 stderr_handler.setLevel(logging.NOTSET)
2620 stderr_handler.setLevel(logging.CRITICAL)
2621 root_logger.addHandler(stderr_handler)
2623 if syslog in (constants.SYSLOG_YES, constants.SYSLOG_ONLY):
2624 facility = logging.handlers.SysLogHandler.LOG_DAEMON
2625 syslog_handler = logging.handlers.SysLogHandler(constants.SYSLOG_SOCKET,
2627 syslog_handler.setFormatter(sys_fmt)
2628 # Never enable debug over syslog
2629 syslog_handler.setLevel(logging.INFO)
2630 root_logger.addHandler(syslog_handler)
2632 if syslog != constants.SYSLOG_ONLY:
2633 # this can fail, if the logging directories are not setup or we have
2634 # a permisssion problem; in this case, it's best to log but ignore
2635 # the error if stderr_logging is True, and if false we re-raise the
2636 # exception since otherwise we could run but without any logs at all
2639 logfile_handler = LogFileHandler(logfile)
2641 logfile_handler = logging.FileHandler(logfile)
2642 logfile_handler.setFormatter(formatter)
2644 logfile_handler.setLevel(logging.DEBUG)
2646 logfile_handler.setLevel(logging.INFO)
2647 root_logger.addHandler(logfile_handler)
2648 except EnvironmentError:
2649 if stderr_logging or syslog == constants.SYSLOG_YES:
2650 logging.exception("Failed to enable logging to file '%s'", logfile)
2652 # we need to re-raise the exception
2656 def IsNormAbsPath(path):
2657 """Check whether a path is absolute and also normalized
2659 This avoids things like /dir/../../other/path to be valid.
2662 return os.path.normpath(path) == path and os.path.isabs(path)
2665 def PathJoin(*args):
2666 """Safe-join a list of path components.
2669 - the first argument must be an absolute path
2670 - no component in the path must have backtracking (e.g. /../),
2671 since we check for normalization at the end
2673 @param args: the path components to be joined
2674 @raise ValueError: for invalid paths
2677 # ensure we're having at least one path passed in
2679 # ensure the first component is an absolute and normalized path name
2681 if not IsNormAbsPath(root):
2682 raise ValueError("Invalid parameter to PathJoin: '%s'" % str(args[0]))
2683 result = os.path.join(*args)
2684 # ensure that the whole path is normalized
2685 if not IsNormAbsPath(result):
2686 raise ValueError("Invalid parameters to PathJoin: '%s'" % str(args))
2687 # check that we're still under the original prefix
2688 prefix = os.path.commonprefix([root, result])
2690 raise ValueError("Error: path joining resulted in different prefix"
2691 " (%s != %s)" % (prefix, root))
2695 def TailFile(fname, lines=20):
2696 """Return the last lines from a file.
2698 @note: this function will only read and parse the last 4KB of
2699 the file; if the lines are very long, it could be that less
2700 than the requested number of lines are returned
2702 @param fname: the file name
2704 @param lines: the (maximum) number of lines to return
2707 fd = open(fname, "r")
2711 pos = max(0, pos-4096)
2713 raw_data = fd.read()
2717 rows = raw_data.splitlines()
2718 return rows[-lines:]
2721 def FormatTimestampWithTZ(secs):
2722 """Formats a Unix timestamp with the local timezone.
2725 return time.strftime("%F %T %Z", time.gmtime(secs))
2728 def _ParseAsn1Generalizedtime(value):
2729 """Parses an ASN1 GENERALIZEDTIME timestamp as used by pyOpenSSL.
2732 @param value: ASN1 GENERALIZEDTIME timestamp
2735 m = re.match(r"^(\d+)([-+]\d\d)(\d\d)$", value)
2738 asn1time = m.group(1)
2739 hours = int(m.group(2))
2740 minutes = int(m.group(3))
2741 utcoffset = (60 * hours) + minutes
2743 if not value.endswith("Z"):
2744 raise ValueError("Missing timezone")
2745 asn1time = value[:-1]
2748 parsed = time.strptime(asn1time, "%Y%m%d%H%M%S")
2750 tt = datetime.datetime(*(parsed[:7])) - datetime.timedelta(minutes=utcoffset)
2752 return calendar.timegm(tt.utctimetuple())
2755 def GetX509CertValidity(cert):
2756 """Returns the validity period of the certificate.
2758 @type cert: OpenSSL.crypto.X509
2759 @param cert: X509 certificate object
2762 # The get_notBefore and get_notAfter functions are only supported in
2763 # pyOpenSSL 0.7 and above.
2765 get_notbefore_fn = cert.get_notBefore
2766 except AttributeError:
2769 not_before_asn1 = get_notbefore_fn()
2771 if not_before_asn1 is None:
2774 not_before = _ParseAsn1Generalizedtime(not_before_asn1)
2777 get_notafter_fn = cert.get_notAfter
2778 except AttributeError:
2781 not_after_asn1 = get_notafter_fn()
2783 if not_after_asn1 is None:
2786 not_after = _ParseAsn1Generalizedtime(not_after_asn1)
2788 return (not_before, not_after)
2791 def _VerifyCertificateInner(expired, not_before, not_after, now,
2792 warn_days, error_days):
2793 """Verifies certificate validity.
2796 @param expired: Whether pyOpenSSL considers the certificate as expired
2797 @type not_before: number or None
2798 @param not_before: Unix timestamp before which certificate is not valid
2799 @type not_after: number or None
2800 @param not_after: Unix timestamp after which certificate is invalid
2802 @param now: Current time as Unix timestamp
2803 @type warn_days: number or None
2804 @param warn_days: How many days before expiration a warning should be reported
2805 @type error_days: number or None
2806 @param error_days: How many days before expiration an error should be reported
2810 msg = "Certificate is expired"
2812 if not_before is not None and not_after is not None:
2813 msg += (" (valid from %s to %s)" %
2814 (FormatTimestampWithTZ(not_before),
2815 FormatTimestampWithTZ(not_after)))
2816 elif not_before is not None:
2817 msg += " (valid from %s)" % FormatTimestampWithTZ(not_before)
2818 elif not_after is not None:
2819 msg += " (valid until %s)" % FormatTimestampWithTZ(not_after)
2821 return (CERT_ERROR, msg)
2823 elif not_before is not None and not_before > now:
2824 return (CERT_WARNING,
2825 "Certificate not yet valid (valid from %s)" %
2826 FormatTimestampWithTZ(not_before))
2828 elif not_after is not None:
2829 remaining_days = int((not_after - now) / (24 * 3600))
2831 msg = "Certificate expires in about %d days" % remaining_days
2833 if error_days is not None and remaining_days <= error_days:
2834 return (CERT_ERROR, msg)
2836 if warn_days is not None and remaining_days <= warn_days:
2837 return (CERT_WARNING, msg)
2842 def VerifyX509Certificate(cert, warn_days, error_days):
2843 """Verifies a certificate for LUVerifyCluster.
2845 @type cert: OpenSSL.crypto.X509
2846 @param cert: X509 certificate object
2847 @type warn_days: number or None
2848 @param warn_days: How many days before expiration a warning should be reported
2849 @type error_days: number or None
2850 @param error_days: How many days before expiration an error should be reported
2853 # Depending on the pyOpenSSL version, this can just return (None, None)
2854 (not_before, not_after) = GetX509CertValidity(cert)
2856 return _VerifyCertificateInner(cert.has_expired(), not_before, not_after,
2857 time.time(), warn_days, error_days)
2860 def SignX509Certificate(cert, key, salt):
2861 """Sign a X509 certificate.
2863 An RFC822-like signature header is added in front of the certificate.
2865 @type cert: OpenSSL.crypto.X509
2866 @param cert: X509 certificate object
2868 @param key: Key for HMAC
2870 @param salt: Salt for HMAC
2872 @return: Serialized and signed certificate in PEM format
2875 if not VALID_X509_SIGNATURE_SALT.match(salt):
2876 raise errors.GenericError("Invalid salt: %r" % salt)
2878 # Dumping as PEM here ensures the certificate is in a sane format
2879 cert_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
2881 return ("%s: %s/%s\n\n%s" %
2882 (constants.X509_CERT_SIGNATURE_HEADER, salt,
2883 Sha1Hmac(key, cert_pem, salt=salt),
2887 def _ExtractX509CertificateSignature(cert_pem):
2888 """Helper function to extract signature from X509 certificate.
2891 # Extract signature from original PEM data
2892 for line in cert_pem.splitlines():
2893 if line.startswith("---"):
2896 m = X509_SIGNATURE.match(line.strip())
2898 return (m.group("salt"), m.group("sign"))
2900 raise errors.GenericError("X509 certificate signature is missing")
2903 def LoadSignedX509Certificate(cert_pem, key):
2904 """Verifies a signed X509 certificate.
2906 @type cert_pem: string
2907 @param cert_pem: Certificate in PEM format and with signature header
2909 @param key: Key for HMAC
2910 @rtype: tuple; (OpenSSL.crypto.X509, string)
2911 @return: X509 certificate object and salt
2914 (salt, signature) = _ExtractX509CertificateSignature(cert_pem)
2917 cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert_pem)
2919 # Dump again to ensure it's in a sane format
2920 sane_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
2922 if not VerifySha1Hmac(key, sane_pem, signature, salt=salt):
2923 raise errors.GenericError("X509 certificate signature is invalid")
2928 def Sha1Hmac(key, text, salt=None):
2929 """Calculates the HMAC-SHA1 digest of a text.
2931 HMAC is defined in RFC2104.
2934 @param key: Secret key
2939 salted_text = salt + text
2943 return hmac.new(key, salted_text, compat.sha1).hexdigest()
2946 def VerifySha1Hmac(key, text, digest, salt=None):
2947 """Verifies the HMAC-SHA1 digest of a text.
2949 HMAC is defined in RFC2104.
2952 @param key: Secret key
2954 @type digest: string
2955 @param digest: Expected digest
2957 @return: Whether HMAC-SHA1 digest matches
2960 return digest.lower() == Sha1Hmac(key, text, salt=salt).lower()
2963 def SafeEncode(text):
2964 """Return a 'safe' version of a source string.
2966 This function mangles the input string and returns a version that
2967 should be safe to display/encode as ASCII. To this end, we first
2968 convert it to ASCII using the 'backslashreplace' encoding which
2969 should get rid of any non-ASCII chars, and then we process it
2970 through a loop copied from the string repr sources in the python; we
2971 don't use string_escape anymore since that escape single quotes and
2972 backslashes too, and that is too much; and that escaping is not
2973 stable, i.e. string_escape(string_escape(x)) != string_escape(x).
2975 @type text: str or unicode
2976 @param text: input data
2978 @return: a safe version of text
2981 if isinstance(text, unicode):
2982 # only if unicode; if str already, we handle it below
2983 text = text.encode('ascii', 'backslashreplace')
2993 elif c < 32 or c >= 127: # non-printable
2994 resu += "\\x%02x" % (c & 0xff)
3000 def UnescapeAndSplit(text, sep=","):
3001 """Split and unescape a string based on a given separator.
3003 This function splits a string based on a separator where the
3004 separator itself can be escape in order to be an element of the
3005 elements. The escaping rules are (assuming coma being the
3007 - a plain , separates the elements
3008 - a sequence \\\\, (double backslash plus comma) is handled as a
3009 backslash plus a separator comma
3010 - a sequence \, (backslash plus comma) is handled as a
3014 @param text: the string to split
3016 @param text: the separator
3018 @return: a list of strings
3021 # we split the list by sep (with no escaping at this stage)
3022 slist = text.split(sep)
3023 # next, we revisit the elements and if any of them ended with an odd
3024 # number of backslashes, then we join it with the next
3028 if e1.endswith("\\"):
3029 num_b = len(e1) - len(e1.rstrip("\\"))
3032 # here the backslashes remain (all), and will be reduced in
3034 rlist.append(e1 + sep + e2)
3037 # finally, replace backslash-something with something
3038 rlist = [re.sub(r"\\(.)", r"\1", v) for v in rlist]
3042 def CommaJoin(names):
3043 """Nicely join a set of identifiers.
3045 @param names: set, list or tuple
3046 @return: a string with the formatted results
3049 return ", ".join([str(val) for val in names])
3052 def BytesToMebibyte(value):
3053 """Converts bytes to mebibytes.
3056 @param value: Value in bytes
3058 @return: Value in mebibytes
3061 return int(round(value / (1024.0 * 1024.0), 0))
3064 def CalculateDirectorySize(path):
3065 """Calculates the size of a directory recursively.
3068 @param path: Path to directory
3070 @return: Size in mebibytes
3075 for (curpath, _, files) in os.walk(path):
3076 for filename in files:
3077 st = os.lstat(PathJoin(curpath, filename))
3080 return BytesToMebibyte(size)
3083 def GetFilesystemStats(path):
3084 """Returns the total and free space on a filesystem.
3087 @param path: Path on filesystem to be examined
3089 @return: tuple of (Total space, Free space) in mebibytes
3092 st = os.statvfs(path)
3094 fsize = BytesToMebibyte(st.f_bavail * st.f_frsize)
3095 tsize = BytesToMebibyte(st.f_blocks * st.f_frsize)
3096 return (tsize, fsize)
3099 def RunInSeparateProcess(fn, *args):
3100 """Runs a function in a separate process.
3102 Note: Only boolean return values are supported.
3105 @param fn: Function to be called
3107 @return: Function's result
3114 # In case the function uses temporary files
3115 ResetTempfileModule()
3118 result = int(bool(fn(*args)))
3119 assert result in (0, 1)
3120 except: # pylint: disable-msg=W0702
3121 logging.exception("Error while calling function in separate process")
3122 # 0 and 1 are reserved for the return value
3125 os._exit(result) # pylint: disable-msg=W0212
3129 # Avoid zombies and check exit code
3130 (_, status) = os.waitpid(pid, 0)
3132 if os.WIFSIGNALED(status):
3134 signum = os.WTERMSIG(status)
3136 exitcode = os.WEXITSTATUS(status)
3139 if not (exitcode in (0, 1) and signum is None):
3140 raise errors.GenericError("Child program failed (code=%s, signal=%s)" %
3143 return bool(exitcode)
3146 def IgnoreProcessNotFound(fn, *args, **kwargs):
3147 """Ignores ESRCH when calling a process-related function.
3149 ESRCH is raised when a process is not found.
3152 @return: Whether process was found
3157 except EnvironmentError, err:
3159 if err.errno == errno.ESRCH:
3166 def IgnoreSignals(fn, *args, **kwargs):
3167 """Tries to call a function ignoring failures due to EINTR.
3171 return fn(*args, **kwargs)
3172 except EnvironmentError, err:
3173 if err.errno == errno.EINTR:
3177 except (select.error, socket.error), err:
3178 # In python 2.6 and above select.error is an IOError, so it's handled
3179 # above, in 2.5 and below it's not, and it's handled here.
3180 if err.args and err.args[0] == errno.EINTR:
3186 def LockedMethod(fn):
3187 """Synchronized object access decorator.
3189 This decorator is intended to protect access to an object using the
3190 object's own lock which is hardcoded to '_lock'.
3193 def _LockDebug(*args, **kwargs):
3195 logging.debug(*args, **kwargs)
3197 def wrapper(self, *args, **kwargs):
3198 # pylint: disable-msg=W0212
3199 assert hasattr(self, '_lock')
3201 _LockDebug("Waiting for %s", lock)
3204 _LockDebug("Acquired %s", lock)
3205 result = fn(self, *args, **kwargs)
3207 _LockDebug("Releasing %s", lock)
3209 _LockDebug("Released %s", lock)
3215 """Locks a file using POSIX locks.
3218 @param fd: the file descriptor we need to lock
3222 fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
3223 except IOError, err:
3224 if err.errno == errno.EAGAIN:
3225 raise errors.LockError("File already locked")
3229 def FormatTime(val):
3230 """Formats a time value.
3232 @type val: float or None
3233 @param val: the timestamp as returned by time.time()
3234 @return: a string value or N/A if we don't have a valid timestamp
3237 if val is None or not isinstance(val, (int, float)):
3239 # these two codes works on Linux, but they are not guaranteed on all
3241 return time.strftime("%F %T", time.localtime(val))
3244 def FormatSeconds(secs):
3245 """Formats seconds for easier reading.
3248 @param secs: Number of seconds
3250 @return: Formatted seconds (e.g. "2d 9h 19m 49s")
3255 secs = round(secs, 0)
3258 # Negative values would be a bit tricky
3259 for unit, one in [("d", 24 * 60 * 60), ("h", 60 * 60), ("m", 60)]:
3260 (complete, secs) = divmod(secs, one)
3261 if complete or parts:
3262 parts.append("%d%s" % (complete, unit))
3264 parts.append("%ds" % secs)
3266 return " ".join(parts)
3269 def ReadWatcherPauseFile(filename, now=None, remove_after=3600):
3270 """Reads the watcher pause file.
3272 @type filename: string
3273 @param filename: Path to watcher pause file
3274 @type now: None, float or int
3275 @param now: Current time as Unix timestamp
3276 @type remove_after: int
3277 @param remove_after: Remove watcher pause file after specified amount of
3278 seconds past the pause end time
3285 value = ReadFile(filename)
3286 except IOError, err:
3287 if err.errno != errno.ENOENT:
3291 if value is not None:
3295 logging.warning(("Watcher pause file (%s) contains invalid value,"
3296 " removing it"), filename)
3297 RemoveFile(filename)
3300 if value is not None:
3301 # Remove file if it's outdated
3302 if now > (value + remove_after):
3303 RemoveFile(filename)
3312 class RetryTimeout(Exception):
3313 """Retry loop timed out.
3315 Any arguments which was passed by the retried function to RetryAgain will be
3316 preserved in RetryTimeout, if it is raised. If such argument was an exception
3317 the RaiseInner helper method will reraise it.
3320 def RaiseInner(self):
3321 if self.args and isinstance(self.args[0], Exception):
3324 raise RetryTimeout(*self.args)
3327 class RetryAgain(Exception):
3330 Any arguments passed to RetryAgain will be preserved, if a timeout occurs, as
3331 arguments to RetryTimeout. If an exception is passed, the RaiseInner() method
3332 of the RetryTimeout() method can be used to reraise it.
3337 class _RetryDelayCalculator(object):
3338 """Calculator for increasing delays.
3348 def __init__(self, start, factor, limit):
3349 """Initializes this class.
3352 @param start: Initial delay
3354 @param factor: Factor for delay increase
3355 @type limit: float or None
3356 @param limit: Upper limit for delay or None for no limit
3360 assert factor >= 1.0
3361 assert limit is None or limit >= 0.0
3364 self._factor = factor
3370 """Returns current delay and calculates the next one.
3373 current = self._next
3375 # Update for next run
3376 if self._limit is None or self._next < self._limit:
3377 self._next = min(self._limit, self._next * self._factor)
3382 #: Special delay to specify whole remaining timeout
3383 RETRY_REMAINING_TIME = object()
3386 def Retry(fn, delay, timeout, args=None, wait_fn=time.sleep,
3387 _time_fn=time.time):
3388 """Call a function repeatedly until it succeeds.
3390 The function C{fn} is called repeatedly until it doesn't throw L{RetryAgain}
3391 anymore. Between calls a delay, specified by C{delay}, is inserted. After a
3392 total of C{timeout} seconds, this function throws L{RetryTimeout}.
3394 C{delay} can be one of the following:
3395 - callable returning the delay length as a float
3396 - Tuple of (start, factor, limit)
3397 - L{RETRY_REMAINING_TIME} to sleep until the timeout expires (this is
3398 useful when overriding L{wait_fn} to wait for an external event)
3399 - A static delay as a number (int or float)
3402 @param fn: Function to be called
3403 @param delay: Either a callable (returning the delay), a tuple of (start,
3404 factor, limit) (see L{_RetryDelayCalculator}),
3405 L{RETRY_REMAINING_TIME} or a number (int or float)
3406 @type timeout: float
3407 @param timeout: Total timeout
3408 @type wait_fn: callable
3409 @param wait_fn: Waiting function
3410 @return: Return value of function
3414 assert callable(wait_fn)
3415 assert callable(_time_fn)
3420 end_time = _time_fn() + timeout
3423 # External function to calculate delay
3426 elif isinstance(delay, (tuple, list)):
3427 # Increasing delay with optional upper boundary
3428 (start, factor, limit) = delay
3429 calc_delay = _RetryDelayCalculator(start, factor, limit)
3431 elif delay is RETRY_REMAINING_TIME:
3432 # Always use the remaining time
3437 calc_delay = lambda: delay
3439 assert calc_delay is None or callable(calc_delay)
3444 # pylint: disable-msg=W0142
3446 except RetryAgain, err:
3447 retry_args = err.args
3448 except RetryTimeout:
3449 raise errors.ProgrammerError("Nested retry loop detected that didn't"
3450 " handle RetryTimeout")
3452 remaining_time = end_time - _time_fn()
3454 if remaining_time < 0.0:
3455 # pylint: disable-msg=W0142
3456 raise RetryTimeout(*retry_args)
3458 assert remaining_time >= 0.0
3460 if calc_delay is None:
3461 wait_fn(remaining_time)
3463 current_delay = calc_delay()
3464 if current_delay > 0.0:
3465 wait_fn(current_delay)
3468 def GetClosedTempfile(*args, **kwargs):
3469 """Creates a temporary file and returns its path.
3472 (fd, path) = tempfile.mkstemp(*args, **kwargs)
3477 def GenerateSelfSignedX509Cert(common_name, validity):
3478 """Generates a self-signed X509 certificate.
3480 @type common_name: string
3481 @param common_name: commonName value
3483 @param validity: Validity for certificate in seconds
3486 # Create private and public key
3487 key = OpenSSL.crypto.PKey()
3488 key.generate_key(OpenSSL.crypto.TYPE_RSA, constants.RSA_KEY_BITS)
3490 # Create self-signed certificate
3491 cert = OpenSSL.crypto.X509()
3493 cert.get_subject().CN = common_name
3494 cert.set_serial_number(1)
3495 cert.gmtime_adj_notBefore(0)
3496 cert.gmtime_adj_notAfter(validity)
3497 cert.set_issuer(cert.get_subject())
3498 cert.set_pubkey(key)
3499 cert.sign(key, constants.X509_CERT_SIGN_DIGEST)
3501 key_pem = OpenSSL.crypto.dump_privatekey(OpenSSL.crypto.FILETYPE_PEM, key)
3502 cert_pem = OpenSSL.crypto.dump_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
3504 return (key_pem, cert_pem)
3507 def GenerateSelfSignedSslCert(filename, validity=(5 * 365)):
3508 """Legacy function to generate self-signed X509 certificate.
3511 (key_pem, cert_pem) = GenerateSelfSignedX509Cert(None,
3512 validity * 24 * 60 * 60)
3514 WriteFile(filename, mode=0400, data=key_pem + cert_pem)
3517 class FileLock(object):
3518 """Utility class for file locks.
3521 def __init__(self, fd, filename):
3522 """Constructor for FileLock.
3525 @param fd: File object
3527 @param filename: Path of the file opened at I{fd}
3531 self.filename = filename
3534 def Open(cls, filename):
3535 """Creates and opens a file to be used as a file-based lock.
3537 @type filename: string
3538 @param filename: path to the file to be locked
3541 # Using "os.open" is necessary to allow both opening existing file
3542 # read/write and creating if not existing. Vanilla "open" will truncate an
3543 # existing file -or- allow creating if not existing.
3544 return cls(os.fdopen(os.open(filename, os.O_RDWR | os.O_CREAT), "w+"),
3551 """Close the file and release the lock.
3554 if hasattr(self, "fd") and self.fd:
3558 def _flock(self, flag, blocking, timeout, errmsg):
3559 """Wrapper for fcntl.flock.
3562 @param flag: operation flag
3563 @type blocking: bool
3564 @param blocking: whether the operation should be done in blocking mode.
3565 @type timeout: None or float
3566 @param timeout: for how long the operation should be retried (implies
3568 @type errmsg: string
3569 @param errmsg: error message in case operation fails.
3572 assert self.fd, "Lock was closed"
3573 assert timeout is None or timeout >= 0, \
3574 "If specified, timeout must be positive"
3575 assert not (flag & fcntl.LOCK_NB), "LOCK_NB must not be set"
3577 # When a timeout is used, LOCK_NB must always be set
3578 if not (timeout is None and blocking):
3579 flag |= fcntl.LOCK_NB
3582 self._Lock(self.fd, flag, timeout)
3585 Retry(self._Lock, (0.1, 1.2, 1.0), timeout,
3586 args=(self.fd, flag, timeout))
3587 except RetryTimeout:
3588 raise errors.LockError(errmsg)
3591 def _Lock(fd, flag, timeout):
3593 fcntl.flock(fd, flag)
3594 except IOError, err:
3595 if timeout is not None and err.errno == errno.EAGAIN:
3598 logging.exception("fcntl.flock failed")
3601 def Exclusive(self, blocking=False, timeout=None):
3602 """Locks the file in exclusive mode.
3604 @type blocking: boolean
3605 @param blocking: whether to block and wait until we
3606 can lock the file or return immediately
3607 @type timeout: int or None
3608 @param timeout: if not None, the duration to wait for the lock
3612 self._flock(fcntl.LOCK_EX, blocking, timeout,
3613 "Failed to lock %s in exclusive mode" % self.filename)
3615 def Shared(self, blocking=False, timeout=None):
3616 """Locks the file in shared mode.
3618 @type blocking: boolean
3619 @param blocking: whether to block and wait until we
3620 can lock the file or return immediately
3621 @type timeout: int or None
3622 @param timeout: if not None, the duration to wait for the lock
3626 self._flock(fcntl.LOCK_SH, blocking, timeout,
3627 "Failed to lock %s in shared mode" % self.filename)
3629 def Unlock(self, blocking=True, timeout=None):
3630 """Unlocks the file.
3632 According to C{flock(2)}, unlocking can also be a nonblocking
3635 To make a non-blocking request, include LOCK_NB with any of the above
3638 @type blocking: boolean
3639 @param blocking: whether to block and wait until we
3640 can lock the file or return immediately
3641 @type timeout: int or None
3642 @param timeout: if not None, the duration to wait for the lock
3646 self._flock(fcntl.LOCK_UN, blocking, timeout,
3647 "Failed to unlock %s" % self.filename)
3651 """Splits data chunks into lines separated by newline.
3653 Instances provide a file-like interface.
3656 def __init__(self, line_fn, *args):
3657 """Initializes this class.
3659 @type line_fn: callable
3660 @param line_fn: Function called for each line, first parameter is line
3661 @param args: Extra arguments for L{line_fn}
3664 assert callable(line_fn)
3667 # Python 2.4 doesn't have functools.partial yet
3669 lambda line: line_fn(line, *args) # pylint: disable-msg=W0142
3671 self._line_fn = line_fn
3673 self._lines = collections.deque()
3676 def write(self, data):
3677 parts = (self._buffer + data).split("\n")
3678 self._buffer = parts.pop()
3679 self._lines.extend(parts)
3683 self._line_fn(self._lines.popleft().rstrip("\r\n"))
3688 self._line_fn(self._buffer)
3691 def SignalHandled(signums):
3692 """Signal Handled decoration.
3694 This special decorator installs a signal handler and then calls the target
3695 function. The function must accept a 'signal_handlers' keyword argument,
3696 which will contain a dict indexed by signal number, with SignalHandler
3699 The decorator can be safely stacked with iself, to handle multiple signals
3700 with different handlers.
3703 @param signums: signals to intercept
3707 def sig_function(*args, **kwargs):
3708 assert 'signal_handlers' not in kwargs or \
3709 kwargs['signal_handlers'] is None or \
3710 isinstance(kwargs['signal_handlers'], dict), \
3711 "Wrong signal_handlers parameter in original function call"
3712 if 'signal_handlers' in kwargs and kwargs['signal_handlers'] is not None:
3713 signal_handlers = kwargs['signal_handlers']
3715 signal_handlers = {}
3716 kwargs['signal_handlers'] = signal_handlers
3717 sighandler = SignalHandler(signums)
3720 signal_handlers[sig] = sighandler
3721 return fn(*args, **kwargs)
3728 class SignalWakeupFd(object):
3730 # This is only supported in Python 2.5 and above (some distributions
3731 # backported it to Python 2.4)
3732 _set_wakeup_fd_fn = signal.set_wakeup_fd
3733 except AttributeError:
3735 def _SetWakeupFd(self, _): # pylint: disable-msg=R0201
3738 def _SetWakeupFd(self, fd):
3739 return self._set_wakeup_fd_fn(fd)
3742 """Initializes this class.
3745 (read_fd, write_fd) = os.pipe()
3747 # Once these succeeded, the file descriptors will be closed automatically.
3748 # Buffer size 0 is important, otherwise .read() with a specified length
3749 # might buffer data and the file descriptors won't be marked readable.
3750 self._read_fh = os.fdopen(read_fd, "r", 0)
3751 self._write_fh = os.fdopen(write_fd, "w", 0)
3753 self._previous = self._SetWakeupFd(self._write_fh.fileno())
3756 self.fileno = self._read_fh.fileno
3757 self.read = self._read_fh.read
3760 """Restores the previous wakeup file descriptor.
3763 if hasattr(self, "_previous") and self._previous is not None:
3764 self._SetWakeupFd(self._previous)
3765 self._previous = None
3768 """Notifies the wakeup file descriptor.
3771 self._write_fh.write("\0")
3774 """Called before object deletion.
3780 class SignalHandler(object):
3781 """Generic signal handler class.
3783 It automatically restores the original handler when deconstructed or
3784 when L{Reset} is called. You can either pass your own handler
3785 function in or query the L{called} attribute to detect whether the
3789 @ivar signum: the signals we handle
3790 @type called: boolean
3791 @ivar called: tracks whether any of the signals have been raised
3794 def __init__(self, signum, handler_fn=None, wakeup=None):
3795 """Constructs a new SignalHandler instance.
3797 @type signum: int or list of ints
3798 @param signum: Single signal number or set of signal numbers
3799 @type handler_fn: callable
3800 @param handler_fn: Signal handling function
3803 assert handler_fn is None or callable(handler_fn)
3805 self.signum = set(signum)
3808 self._handler_fn = handler_fn
3809 self._wakeup = wakeup
3813 for signum in self.signum:
3815 prev_handler = signal.signal(signum, self._HandleSignal)
3817 self._previous[signum] = prev_handler
3819 # Restore previous handler
3820 signal.signal(signum, prev_handler)
3823 # Reset all handlers
3825 # Here we have a race condition: a handler may have already been called,
3826 # but there's not much we can do about it at this point.
3833 """Restore previous handler.
3835 This will reset all the signals to their previous handlers.
3838 for signum, prev_handler in self._previous.items():
3839 signal.signal(signum, prev_handler)
3840 # If successful, remove from dict
3841 del self._previous[signum]
3844 """Unsets the L{called} flag.
3846 This function can be used in case a signal may arrive several times.
3851 def _HandleSignal(self, signum, frame):
3852 """Actual signal handling function.
3855 # This is not nice and not absolutely atomic, but it appears to be the only
3856 # solution in Python -- there are no atomic types.
3860 # Notify whoever is interested in signals
3861 self._wakeup.Notify()
3863 if self._handler_fn:
3864 self._handler_fn(signum, frame)
3867 class FieldSet(object):
3868 """A simple field set.
3870 Among the features are:
3871 - checking if a string is among a list of static string or regex objects
3872 - checking if a whole list of string matches
3873 - returning the matching groups from a regex match
3875 Internally, all fields are held as regular expression objects.
3878 def __init__(self, *items):
3879 self.items = [re.compile("^%s$" % value) for value in items]
3881 def Extend(self, other_set):
3882 """Extend the field set with the items from another one"""
3883 self.items.extend(other_set.items)
3885 def Matches(self, field):
3886 """Checks if a field matches the current set
3889 @param field: the string to match
3890 @return: either None or a regular expression match object
3893 for m in itertools.ifilter(None, (val.match(field) for val in self.items)):
3897 def NonMatching(self, items):
3898 """Returns the list of fields not matching the current set
3901 @param items: the list of fields to check
3903 @return: list of non-matching fields
3906 return [val for val in items if not self.Matches(val)]